ARTICLE
10 September 2018

John McAfee's ‘Unhackable' Cryptocurrency Wallet Hacked

B
BakerHostetler

Contributor

BakerHostetler logo
Recognized as one of the top firms for client service, BakerHostetler is a leading national law firm that helps clients around the world address their most complex and critical business and regulatory issues. With five core national practice groups — Business, Labor and Employment, Intellectual Property, Litigation, and Tax — the firm has more than 970 lawyers located in 14 offices coast to coast. BakerHostetler is widely regarded as having one of the country’s top 10 tax practices, a nationally recognized litigation practice, an award-winning data privacy practice and an industry-leading business practice. The firm is also recognized internationally for its groundbreaking work recovering more than $13 billion in the Madoff Recovery Initiative, representing the SIPA Trustee for the liquidation of Bernard L. Madoff Investment Securities LLC. Visit bakerlaw.com
Explore Firm Details
Cryptocurrency wallet manufacturer BitFi has become the latest challenger to fail in its bid to disprove the well-established cybersecurity axiom that nothing is unhackable.
United States Technology
Photo of Brian P. Bartish
Authors

Cryptocurrency wallet manufacturer BitFi has become the latest challenger to fail in its bid to disprove the well-established cybersecurity axiom that nothing is unhackable. A team of researchers recently published evidence that they successfully sent signed transactions with the wallet by modifying the device, connecting to the wallet's server and transmitting sensitive data with it, conditions that would entitle the team to a $10,000 bug bounty issued by BitFi. BitFi has yet to acknowledge whether it will pay the bounty.

While this may be the first effort to successfully meet the terms of one of BitFi's bounties, it follows a number of successful efforts to compromise the device, including one instance where a 15-year-old hacker modified the firmware to play the video game Doom, after BitFi executive chairman and one-time anti-virus pioneer John McAfee personally backed a bounty challenge of $100,000 on July 24. McAfee and BitFi balked at these earlier hacks and refused to pay the bounty, claiming that they did not match the terms of the bounty to the letter, and even sent threatening tweets aimed at the hackers – responses that earned BitFi an award for worst vendor response at DEF CON earlier this month.

Despite BitFi's dubious claims of "fortress-like security" – McAfee later conceded that calling the wallet unhackable may have been "unwise" – the bounty program seems to have been a success at least from a marketing perspective. BitFi touts its ability to support an unlimited number of cryptocurrencies and allow users to generate a secret phrase to control the device, as opposed to a 24-word mnemonic seed. Further, BitFi touts itself as completely open source, so the user stays in control of the funds even if the manufacturer of the wallet ceases to exist.

For further reading, please see the following:

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Brian P. Bartish
Brian P. Bartish
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More